ServMon

1101113151630

Comments

  • Type your comment> @malwarepeter said:
    > ssh: Permission denied, please try again.
    >
    > do i miss something here..owned all credentials but cant go through
    >
    > any nudge and i think am on the right track

    There are two parts that make up credentials, it’s not all about the second part.
  • Type your comment> @wizedkyle said:

    Type your comment> @malwarepeter said:

    ssh: Permission denied, please try again.

    do i miss something here..owned all credentials but cant go through

    any nudge and i think am on the right track

    There are two parts that make up credentials, it’s not all about the second part.

    I was dumb, I found that hydra can automate that and gives the right creds

  • edited April 2020
    I don't really know why you'd need to automate that part. There's only 2 usernames to try and only a handful of passwords. Took me 3 manual attempts to get the right combo. I guess in the real world you'd probably have a lot more data so its a good idea to get used to automating these things... but for people just wanting to complete this machine, you don't *need* to automate anything on this box.
  • Finally rooted!

    I had much frustration with the Web UI and finally decided to go the API route after reading posts here. I had to read the docs, poke around, and put things together. I was unsure how to run it and took a stab in the dark...and got the admin shell, somehow!

    For root on this box, it was clear to me what to exploit early on, but not so straightforward how to.

  • @VbScrub said:

    I don't really know why you'd need to automate that part.

    Fun?

    To be fair I did it simply because it was easier. I'd already dumped the data into two files because I didn't know what would be needed so running a tool became a simple single command line.

    100% agree though, I think there is less than a dozen possible combinations so manual is not much more effort :smile:

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • @TazWake ah yeah in that case fair enough. In my case I think it would have been more effort to create the separate files and set up the automation than it would to just copy and paste a few password attempts :)

    Either way, each to their own and I'm certainly not saying its a bad thing to automate it, just clarifying that you don't NEED to do it for any part of this box. Don't want people to get the wrong idea and start trying to brute force things lol

  • Type your comment> @VbScrub said:

    I don't really know why you'd need to automate that part. There's only 2 usernames to try and only a handful of passwords. Took me 3 manual attempts to get the right combo. I guess in the real world you'd probably have a lot more data so its a good idea to get used to automating these things... but for people just wanting to complete this machine, you don't need to automate anything on this box.

    +1, i try one by one and found true combination in 1 or 2 minute


    Hack The Box

    You can pm me on discord sh4d0wless#6154

  • Rooted via web GUI. Am interested in how the API method worked, if anyone wants to share. I can expose first few chars of root flag as proof if needed.

    ph03nix0x90

  • User was just connecting the dots, Root was really pathetic from the stability perspective even in the VIP labs

    3zCulprit

  • Got root!

    Actually, it's easy machine and lots of scenarios relevant to OSCP's.

    However, this machine has a pretty annoying way to be exploited, especially for public machines like hack the box.

  • The idea of the box is great but in practice it is awfully bad because people tend to reset it. Rooted.

    OSCP

  • Spoiler Removed

  • easy but intriguing box.
    User took me more than necessary because of damn overthinking.
    Root was quite challenging because the box seemed not really stable

    echo start dumb.bat > dumb.bat && dumb.bat
    doh!

  • pls dont reset again and again


    Hack The Box

    You can pm me on discord sh4d0wless#6154

  • Am I missing something? I see user.txt, which is empty?

  • somebody deleted the hash than. Reset box to get it back...

  • Rooted! What a funny box. Getting user.txt was easy, yet getting root with the connection problems was a challenge. An advice I can give you is to be patient and try harder. And, if you find something interesting to get root, don't follow all the steps, try to think a little bit outside the box. If you need a hint, just send a PM.

  • Hey guey, I pretty new to windows machines, so im lil bit stuck. I found 2 Net*****.log and host , hostname : ServMon and Domainename , could anyone help me with what particular file should i look for.
  • ROOTED!!
    thanks to @neon45 for the nudges.
    User is just a search away.
    for root use the API and read the doc carefully. don't struggle with the WEB UI
    PM for nudges :)

  • rooted now, thanks to all for the help and for your patience Pegasys14

  • Rooted. Combination of GUI fun and CLI fun. Refresh, refresh, refresh. Eventually it works.

  • i think anyone cant access the web page of ++ service
    i can not get root with this way
    someones reset again and again, someones bruteforce but they dont know ehat bruting for and machine get slower and slower again, really stressful minutes :angry:


    Hack The Box

    You can pm me on discord sh4d0wless#6154

  • Rooted. Found an easy way to reload modules via the webui. No need to reboot the machine. This one was pretty fun enumeration wise.

    Feel free to PM for any nudges.

  • I can't find the webui. Did you find using dirb or gobuster?

  • Type your comment> @haderach said:

    I can't find the webui. Did you find using dirb or gobuster?

    I found the page.

  • No need to keep reseting the server if you can get to the UI. It was painful to do the last couple steps of this box.
  • I got the login page and password but the message is "403 Your not allowed". WTF???

  • Is the box down?
    Ping 10.10.10.184
    8 packets transmitted, 0 received, +6 errors, 100% packet loss, time 7097ms
    pipe 4

  • Type your comment> @haderach said:

    I can't find the webui. Did you find using dirb or gobuster?

    it does not work try to access the web

  • Type your comment> @N00p said:

    Type your comment> @haderach said:

    I can't find the webui. Did you find using dirb or gobuster?

    it does not work try to access the web

    I found the login page and password but the message is a error login. O.o
    Any idea?

Sign In to comment.